Security researcher Karthikeyan Bhargavan reported an issue in Network
Security Services (NSS) where MD5 signatures in the server signature
within the TLS 1.2 ServerKeyExchange message were still accepted. This is
an issue because NSS has officially disallowed MD5 as a hash algorithm in
signatures since 2011: a client that verifies a ServerKeyExchange signed
with a hash it never offered is trusting the server's choice of digest.
This issue exposes NSS-based clients such as Firefox to theoretical
collision-based forgery attacks. This issue was fixed in NSS version
3.20.2.
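The check that distinguishes the vulnerable behaviour from the fixed one is small: a TLS 1.2 client must verify the ServerKeyExchange signature only with a SignatureAndHashAlgorithm pair it offered in its own signature_algorithms extension, not with whatever pair the server declares. The example below is added here as an illustration and is not NSS code or Mozilla code. It parses a DHE ServerKeyExchange body (RFC 5246 section 7.4.3), applies the offered-algorithms check, and digests the signed_params data with the negotiated hash. The DH values, the 64-byte placeholder signature and the CLIENT_OFFERED list are constructed for the example; the trust_server_choice flag exists only to show the pre-fix behaviour side by side with the corrected one.

```python
"""Policy check on the SignatureAndHashAlgorithm in a TLS 1.2 DHE
ServerKeyExchange (RFC 5246 section 7.4.3).

Added example, not NSS or Mozilla code. The point demonstrated: the hash
the server picks for signed_params must be one the client offered, so an
MD5-signed ServerKeyExchange is refused before any signature is verified.
"""
import hashlib
import struct

# Code points from RFC 5246 section 7.4.1.4.1
HASH_NAMES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
              4: "sha256", 5: "sha384", 6: "sha512"}
SIG_NAMES = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}

# Constructed client policy: sha256/rsa, sha384/rsa, sha1/rsa. MD5 is absent.
CLIENT_OFFERED = [(4, 1), (5, 1), (2, 1)]


class TLSAlert(Exception):
    """Raised where a real client would send a fatal alert."""


def _read_vec16(buf, off):
    """Read an opaque<1..2^16-1> vector; return (payload, new_offset)."""
    if off + 2 > len(buf):
        raise TLSAlert("decode_error: truncated length")
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if off + n > len(buf):
        raise TLSAlert("decode_error: truncated vector")
    return buf[off:off + n], off + n


def parse_dhe_server_key_exchange(body):
    """Split a DHE ServerKeyExchange body into the raw ServerDHParams bytes,
    the (hash, signature) algorithm pair and the signature itself."""
    off = 0
    for _ in range(3):            # dh_p, dh_g, dh_Ys
        _, off = _read_vec16(body, off)
    params = body[:off]           # exactly the bytes covered by the signature
    if off + 2 > len(body):
        raise TLSAlert("decode_error: missing SignatureAndHashAlgorithm")
    hash_alg, sig_alg = body[off], body[off + 1]
    signature, off = _read_vec16(body, off + 2)
    if off != len(body):
        raise TLSAlert("decode_error: trailing bytes")
    return params, hash_alg, sig_alg, signature


def check_signature_hash(hash_alg, sig_alg, offered):
    """The fix: refuse any pair the client did not offer."""
    if hash_alg not in HASH_NAMES or sig_alg not in SIG_NAMES:
        raise TLSAlert("illegal_parameter: unknown algorithm code point")
    if (hash_alg, sig_alg) not in offered:
        raise TLSAlert("illegal_parameter: server chose %s/%s, not offered"
                       % (HASH_NAMES[hash_alg], SIG_NAMES[sig_alg]))
    return True


def signed_params_digest(client_random, server_random, params, hash_alg):
    """Digest of what the server signs: client_random || server_random || params."""
    h = hashlib.new(HASH_NAMES[hash_alg])
    h.update(client_random + server_random + params)
    return h.digest()


def vet_server_key_exchange(body, client_random, server_random, offered,
                            trust_server_choice=False):
    """Parse, apply the policy check, and return (hash, sig, digest, signature).
    trust_server_choice=True reproduces the pre-fix behaviour: the client
    digests with whatever hash the server declared, MD5 included."""
    params, hash_alg, sig_alg, signature = parse_dhe_server_key_exchange(body)
    if not trust_server_choice:
        check_signature_hash(hash_alg, sig_alg, offered)
    elif hash_alg not in HASH_NAMES or hash_alg == 0:
        raise TLSAlert("illegal_parameter: no usable hash")
    digest = signed_params_digest(client_random, server_random, params, hash_alg)
    return hash_alg, sig_alg, digest, signature


def accepts(body, offered, trust_server_choice=False,
            client_random=b"\x11" * 32, server_random=b"\x22" * 32):
    """True if the message passes the policy check, False if it is refused."""
    try:
        vet_server_key_exchange(body, client_random, server_random, offered,
                                trust_server_choice)
        return True
    except TLSAlert:
        return False


def build_sample_ske(hash_alg, sig_alg):
    """Constructed DHE ServerKeyExchange: toy-sized DH values and a
    64-byte zero placeholder where a real RSA signature would go."""
    def vec(b):
        return struct.pack("!H", len(b)) + b
    p = (0xFFFFFFFFFFFFFFC5).to_bytes(8, "big")   # not a real group, example only
    g = b"\x02"
    ys = (0x1234567890ABCDEF).to_bytes(8, "big")
    sig = b"\x00" * 64
    return vec(p) + vec(g) + vec(ys) + bytes([hash_alg, sig_alg]) + vec(sig)


if __name__ == "__main__":
    md5_msg = build_sample_ske(1, 1)      # md5/rsa, the case in this advisory
    print("pre-fix accepts md5:", accepts(md5_msg, CLIENT_OFFERED, True))
    print("fixed  accepts md5:", accepts(md5_msg, CLIENT_OFFERED))
    print("fixed  accepts sha256:", accepts(build_sample_ske(4, 1), CLIENT_OFFERED))
```

The digest step runs after the policy check on purpose: once the hash is pinned to the client's own offer, a server cannot steer the client into hashing the transcript with MD5 and then supply a signature over a colliding message.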
Security researcher Holger Fuhrmannek reported that a malicious Graphite
"smart font" could circumvent the validation of internal instruction
parameters in the Graphite 2 library using special CNTXT_ITEM
instructions. This could result in arbitrary code execution.
In general this flaw cannot be exploited through email in the
Thunderbird product, but is potentially a risk in browser or
browser-like contexts.
Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman,
Carsten Book, and Randell Jesup reported memory safety problems and crashes.
In general these flaws cannot be exploited through email in the
Thunderbird product because scripting is disabled, but are potentially a
risk in browser or browser-like contexts.
Bob Clary, Carsten Book, Christian Holler, Nicolas Pierron, Eric
Rescorla, Tyson Smith, Gabor Krizsanits, and Randell Jesup reported
memory safety problems and crashes.
In general these flaws cannot be exploited through email in the
Thunderbird product because scripting is disabled, but are potentially a
risk in browser or browser-like contexts.
Security researcher Aki Helin used the Address Sanitizer tool to find a
buffer-overflow write (an out-of-bounds write) when rendering some WebGL
content. This leads to a potentially exploitable crash.
In general this flaw cannot be exploited through email in the
Thunderbird product, but is potentially a risk in browser or
browser-like contexts.
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
any | any | any | thunderbird | < 38.6.0-1 | UNKNOWN |
access.redhat.com/security/cve/CVE-2015-7575
access.redhat.com/security/cve/CVE-2016-1523
access.redhat.com/security/cve/CVE-2016-1930
access.redhat.com/security/cve/CVE-2016-1931
access.redhat.com/security/cve/CVE-2016-1935
www.mozilla.org/en-US/security/advisories/mfsa2015-150/
www.mozilla.org/en-US/security/advisories/mfsa2016-03/
www.mozilla.org/en-US/security/advisories/mfsa2016-14/
www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6